AMENDMENTS TO THE CLAIMS 



This listing of claims will replace all prior versions, and listings, of claims 
in the application: 

Listing of Claims: 

1 1 . (Currently amended) A method for managing information retention in a 

2 system, comprising: 

3 receiving a set of information into a system; 

4 associating one or more keys with said set of information; 

5 encrypting said set of information using said one or more keys; 

6 storing said set of information in encrypted form into one or more 

7 repositories, wherein only the encrypted form of the set of information is 

8 persistently stored within the information system and no unencrypted form of the 

9 set of information is persistently stored within the information system; m4 

10 purging said set of information from the system so that said set of 

1 1 information is not available w}#Hn- to a user from the system by deleting said one 

1 2 or more keys, thereby making said set of information unrenderable; 

13 prior to deletion of said one or more keys, receiving a request from an 

14 information sink to render said set of information to a user; 

15 accessing the encrypted form of said set of information from the one or 

16 more repositories: 

17 accessing said one or more keys; 

18 providing the encrypted form of said set of information and said one or 

19 more keys to the information sink to enable the infonnation sink to decrypt the 

20 encrypted form of said set of information: and 
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22 
23 



using said one or more keys to render said set of information to the user, 
wherein the information sink comprises sufficient logic to prevent it from 
persistently storing said one or more keys received from an information manager . 



1 2. (Original) The method of claim 1 , wherein said set of information is 

2 purged from the system without requiring that the encrypted form of said set of 

3 information be deleted from the one or more repositories. 

1 3, (Original) The method of claim 1 , wherein said set of information is 

2 stored in the one or more repositories only in encrypted form. 

1 4. (Original) The method of claim 1, wherein said one or more keys 

2 comprises a symmetrically paired set of keys. 

1 5. (Original) The method of claim 1, further comprising: 

2 prior to deletion of said one or more keys, receiving a request from an 

3 information sink to render said set of information to a user; 

4 accessing the encrypted form of said set of information from the one or 

5 more repositories; 

6 decrypting the encrypted form of said set of information using said one or 

7 more keys to derive said set of information; and 

8 providing said set of information to the information sink to render said set 

9 of information to the user. 

1 6. (Original) The method of claim 5, wherein said set of information is 

2 stored in the one or more repositories only in encrypted form, and wherein the 

3 encrypted form of said set of information is decrypted only when it is necessary to 

4 render said set of information to the user. 

3 

EJG E:\Sun Microsystems\SUN-P3748-MEG\Amendment D SUN-P3748-MEG.doc 



1 7 (Canceled). 

1 8. (Currently amended) The method of claim 7 clahTi 1 , wherein said set of 



2 information is stored in the one or more repositories only in encrypted form, and 

3 wherein the encrypted form of said set of information is decrypted only when it is 

4 necessary to render said set of information to the user. 

1 9. (Original) The method of claim 1, wherein purging comprises: 

2 determining, based upon an information retention policy, whether said set 

3 of information should be purged from the system; and 

4 in response to a determination that said set of information should be 

5 purged from the system, purging said set of information from the system by 

6 deleting said one or more keys, thereby making said set of information 

7 unrenderable, 

1 10. (Original) The method of claim 9, wherein said information retention 

2 policy is time-based such that said set of information is purged after a certain 

3 period of time. 

1 11. (Original) The method of claim 9, wherein said information retention 

2 policy is condition-based such that said set of information is purged when one or 

3 more conditions are satisfied. 

1 12. (Currently amended) An apparatus for managing information retention 

2 in a system, comprising: 

3 a mechanism for receiving a set of information into a system; 

4 a mechanism for associating one or more keys with said set of 

5 information; 
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6 a mechanism for encrypting said set of information using said one or more 

7 keys; 

8 a mechanism for storing said set of information in encrypted form into one 

9 or more repositories, wherein only the encrypted form of the set of information is 

10 persistently stored within the information system and no unencrypted form of the 

1 1 set of information is persistently stored within the information system; m4 

12 a mechanism for purging said set of information from the system so that 

1 3 said set of information is not available wkMn- to a user from the system by 

14 deleting said one or more keys, thereby making said set of information 

1 5 unrenderable; 

16 a mechanism for receiving, prior to deletion of said one or more keys, a 

17 request from an infonnation sink to render said set of information to a user: 

18 a mechanism for accessing the encrypted form of said set of information 

19 from the one or more repositories; 

20 a mechanism for accessing said one or more keys; 

21 a mechanism for providing the encrypted fonn of said set of information 

22 and said one or more keys to the information sink to enable the information sink 

23 to decrypt the encrypted form of said set of information; and 

24 using said one or more keys to render said set of information to the user, 

25 wherein the information sink comprises sufficient logic to prevent it from 

26 persistently storing said one or more keys received trom an information mcinager . 

1 13. (Original) The apparatus of claim 12, wherein said set of information 

2 is purged from the system without requiring that the encrypted form of said set of 

3 information be deleted from the one or more repositories. 

1 14. (Original) The apparatus of claim 12, wherein said set of information 

2 is stored in the one or more repositories only in encrypted form. 
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1 15. (Original) The apparatus of claim 12, wherein said one or more keys 

2 comprises a symmetrically paired set of keys. 

1 16. (Original) The apparatus of claim 12, further comprising: 

2 a mechanism for receiving, prior to deletion of said one or more keys, a 

3 request from an information sink to render said set of information to a user; 

4 a mechanism for accessing the encrypted form of said set of information 

5 from the one or more repositories; 

6 a mechanism for decrypting the encrypted form of said set of information 

7 using said one or more keys to derive said set of information; and 

8 a mechanism for providing said set of information to the information sink 

9 to enable the information sink to render said set of information to the user. 

1 17. (Original) The apparatus of claim 16, wherein said set of information 

2 is stored in the one or more repositories only in encrypted form, and wherein the 

3 encrypted form of said set of information is decrypted only when it is necessary to 

4 render said set of information to the user. 

1 18 (Canceled). 



1 19. (Currently amended) The apparatus of claim IS claim 12 , wherein said 

2 set of information is stored in the one or more repositories only in encrypted form, 

3 and wherein the encrypted form of said set of information is decrypted by the 

4 information sink only when it is necessary to render said set of information to the 

5 user. 

1 20. (Original) The apparatus of claim 12, wherein the mechanism for 

2 purging comprises: 
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3 a mechanism for determining, based upon an information retention policy, 

4 whether said set of information should be purged from the system; and 

5 a mechanism for deleting, in response to a determination that said set of 

6 information should be purged from the system, said one or more keys, thereby 

7 making said set of information unrenderable. 

1 21. (Original) The apparatus of claim 20, wherein said information 

2 retention policy is time-based such that said set of information is purged after a 

3 certain period of time. 

1 22. (Original) The apparatus of claim 20, wherein said information 

2 retention policy is condition-based such that said set of information is purged 

3 when one or more conditions are satisfied. 

1 23. (Currently amended) A computer readable medium having stored 

2 thereon instructions which, when executed by one or more processors, cause the 

3 one or more processors to manage information retention in a system, comprising: 

4 instructions for causing one or more processors to receive a set of 

5 information into a system; 

6 instructions for causing one or more processors to associate one or more 

7 keys with said set of information; 

8 instructions for causing one or more processors to encrypt said set of 

9 information using said one or more keys; 

10 instructions for causing one or more processors to store said set of 

1 1 information in encrypted form into one or more repositories; 

12 wherein only the encrypted form of the set of information is persistently 

13 stored within the information system and no unencrypted form of the set of 

14 information is persistently stored within the information system, and 
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1 5 instructions for causing one or more processors to purge said set of 
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information from the system so that said set of information is not available within 
to a user from the system by deleting said one or more keys, thereby making said 
set of information unrenderable: 

insti-uctions for causing one or more processors to receive, prior to deletion 
of said one or more keys, a request from an information sink to render said set of 
infonnation to a user; 

instructions for causing one or more processors to access the enciYpted 
form of said set of information from the one or more repositories; 

instructions for causing one or more processors to access said one or more 

keys: 

instructions for causing one or more processors to provide the encrypted 
form of said set of information and said one or more keys to the infonnation sink 
to enable the information sink to decn^t the encrypted form of said set of 
infomiation: and 

instructions for using said one or more keys to render said set of 
information to the user, wherein the information sink comprises sufficient logic to 
prevent it from persistently storing said one or more keys received from an 
information manager . 



1 24. (Original) The computer readable medium of claim 23, wherein said 

2 set of information is purged from the system without requiring that the encrypted 

3 form of said set of information be deleted from the one or more repositories. 

1 25. (Original) The computer readable medium of claim 23, wherein said 

2 set of information is stored in the one or more repositories only in encrypted form. 
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1 26. (Original) The computer readable medium of claim 23, wherein said 

2 one or more keys comprises a symmetrically paired set of keys. 

1 27. (Original) The computer readable medium of claim 23, further 

2 comprising: 

3 instructions for causing one or more processors to receive, prior to deletion 

4 of said one or more keys, a request from an information sink to render said set of 

5 information to a user; 

6 instructions for causing one or more processors to access the encrypted 

7 form of said set of information from the one or more repositories; 

8 instructions for causing one or more processors to decrypt the encrypted 

9 form of said set of information using said one or more keys to derive said set of 

10 information; and 

1 1 instructions for causing one or more processors to provide said set of 

12 information to the information sink to enable the information sink to render said 

1 3 set of information to the user. 

1 28. (Original) The computer readable medium of claim 27, wherein said 

2 set of information is stored in the one or more repositories only in encrypted form, 

3 and wherein the encrypted form of said set of information is decrypted only when 

4 it is necessary to render said set of information to the user. 

1 29 (Canceled). 

1 30. (Currently amended) The computer readable medium of claim 29 claim 

2 23, wherein said set of information is stored in the one or more repositories only 

3 in encrypted form, and wherein the encrypted form of said set of information is 
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4 decrypted by the information sink only when it is necessary to render said set of 

5 information to the user. 



1 31. (Original) The computer readable medium of claim 23, wherein the 

2 instructions for causing one or more processors to purge said set of information 

3 from the system comprises: 

4 instructions for causing one or more processors to determine, based upon 

5 an information retention policy, whether said set of information should be purged 

6 from the system; and 

7 instructions for causing one or more processors to delete, in response to a 

8 determination that said set of information should be purged from the system, said 

9 one or more keys, thereby making said set of information unrenderable. 

1 32. (Original) The computer readable medium of claim 3 1 , wherein said 

2 information retention policy is time-based such that said set of information is 

3 purged after a certain period of time. 

1 33. (Original) The computer readable medium of claim 3 1 , wherein said 

2 information retention policy is condition-based such that said set of information is 

3 purged when one or more conditions are satisfied. 
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